Wimax Security System Arch

8/9/2019 Wimax Security System Arch.

1/25

SEMINARON

IEEE 802.16(WI MAX) WIRELESS

SECURITYSUBMITTED BY

ANANT MAHESHWARI(EC/06/107)IV YR. ECE

SEMINAR CO-ORDINATOR

Mr. Vijay AgarwalMr. Deepak Balana


2/25

CONTANT

Wireless system

IEEE 802.16

Working of WiMAX

WiMAX over other Technologies

IEEE 802.16 Security Architecture IEEE 802.16 Security Process


3/25

Wireless system

Transfer information without electric conductors

,wires.

Cover few or long distances.

Advantages- mobility, easier & less expensiveinstallation, increase reliability, disaster recovery.


4/25

Uses

Satellite communication

Telecommunication

Education Business

Medical purpose

Military, etc.


5/25

IEEE 802.16

Also known as Wi Max (WorldWide

Interoperability For Microwave Access).

Its range is in km. as compare to Wi Fi

(meters).

Operate at 10-66 GHz & tuned at 2-11 GHzfor BWA (broadband wireless access).

Provides 70Mbps over up to 50 Km.


6/25

Cont.

Support LOS & NLOS.

Provide broadband access to internet efficiently.

Uses point-multipoint link (consists of basetransceiver station ,a central antenna whichcommunicates with subscribers antennas).

Categories-fixed, mobile WiMAX

major goal is to minimize the packet loss anddelay .


7/25

HOW WIMAX WORKS ??


8/25

Types of WiMAX

Point to Point (PTP)

Point to multipoint (PTMP)

WiMAX can also be setup as mesh networksallowing the WiMAX systems to forward

packets between the base stations and

subscribers without having to install comm.lines between the base stations .


9/25


10/25

WiMAX over other Technologies

3G Wi- Fi

802.11

WiMAX

802.16

MOBILE- Fi

802.20

Max speed 2Mbps 54Mbps 100Mbps 16Mbps

Coverage Severalmiles

300 feet 50 miles Several miles

Airwaves Licensed Unlicensed Either Licensed

Advantage Range ,

mobility

Speed, price Range, SpeedMobility,Speed

Disadvt. Slow,

expensive

Short range Interference

issues ?

High price


11/25

IEEE 802.16 Security Architecture


12/25

802.16 MAC Protocol Stack


13/25

MAC CS Sub-layer

CS Layer:

Receives data from

higher layers

Classifies the packet

Forwards frames to CPSlayer


14/25

MAC CPS Sub-layer

Performs typical MAC functions suchas addressing

Each SS assigned 48-bit MAC

address

Connection Identifiers used asprimary address after initialization


15/25

Cont..

MAC policy determined by direction of

transmission

Uplink is DAMA-TDM

Downlink is TDM

Data encapsulated in a common format facilitating

interoperability Fragment or pack frames as needed

Changes transparent to receiver


16/25

MAC Privacy Sub-layer Provides secure

communication

Data encrypted with

cipher clock chainingmode of DES

Prevents theft of service

SSs authenticated by BS

using key managementprotocol


17/25

IEEE 802.16 Security

Architecture


18/25

IEEE 802.16 Security Process


19/25

Authentication


20/25

Data Key Exchange

Data encryption requires data key called TransportEncryption key (TEK).

TEK is generated by BS randomly TEK is encrypted with

Triple-DES (use 128 bits KEK)

RSA (use SSs public key)

AES (use 128 bits KEK)

Key Exchange message is authenticated by HMAC-SHA1 (provides Message Integrity and AK confirmation)


21/25

Data Encryption


22/25

Data Encryption

Encrypt only data message not management

message

DES in CBC Mode

56 bit DES key (TEK)

No Message Integrity Detection

No Replay Protection


23/25

Conclusion

It need the bidirectional authorization

Require more flexible authentication method EAP Authentication

Improve Key derivation

Include the system identity (i.e., SSID)

Key freshness include random number from both SSand BS

Prefer AES to DES for data encryption


24/25


25/25

Documents

Wimax Security System Arch